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In the Claims 

A) Claims 2, 6, 9, 11-14, 36, 38, 58 and 63-69 remain in their original form. 

B) Claims 1 7 — 3 1 , 40 — 5 5 and 72 — 85 were previously withdrawn. 

C) Claims 1,3-5, 7, 32, 37, 56 and 57 are currently amended. 

D) Claims 10, 16, 33-35, 39 and 59-62 are cancelled. 

E) Claims 8, 15, 70 and 71 are previously presented. 

1. (Currently Amended) A method comprising: 

creating a data structure including a plurality of user id-user key pairs, each 
user id-user key pair comprising a user id associated with one of a plurality of 
users and a user key comprising a master key and a keyed-hash message 
authentication code encrypted using a password associated with the one of the 
plurality of users; and 

storing data watermarked using the master key; 

receiving a user id and user password from one of the plurality of users; 
selecting a user key from the data structure based on the received user id; 
hashing the received password to produce a hash value; 
decrypting the selected user key using the hash value to reproduce the 
master key; 

using the master key to access the watermarked data; and 
delivering the data structure to one or more of the plurality of users. 

2. (Original) A method as recited in claim 1, wherein the act of 
delivering comprises delivering the data structure to each of the plurality of users. 
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3. (Currently Amended) A method as recited in claim 1 , wherein each 
the master key is encrypted using a hash of the password associated with the one 
of the plurality of users. 

4. (Currently Amended) A method as recited in claim 1 , wherein each 
the master key is encrypted using a one-way hash of the password associated with 
the one of the plurality of users. 

5. (Currently Amended) A method as recited in claim 1 , wherein each 
the master key is encrypted using a cryptographic hash of the password associated 
with the one of the plurality of users. 

6. (Original) A method as recited in claim 1 , wherein each user key 
has an integrity verification feature associated therewith. 

7. (Currently Amended) A method as recited in claim 1 , wherein each 
the master key has an integrity verification feature associated therewith. 

8. (Previously Presented) A method as recited in claim 1, wherein 
each master key and each user key has an integrity verification feature associated 
therewith. 
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9. (Original) A method as recited in claim 1 , wherein each user key 
includes a checksum. 

10. (Cancel) 

11. (Original) A method as recited in claim 1 , further comprising: 
transforming data using the master key. 

12. (Original) A method as recited in claim 1, further comprising: 
storing data transformed using the master key; and 

controlling access by the plurality of users to the transformed data. 

13. (Original) A method as recited in claim 1, further comprising: 
storing data transformed using the master key; 

receiving a user id and user password from one of the plurality of users; and 
controlling access to the transformed data by the one of the plurality of 
users based on the received user id and user password. 

14. (Original) A method as recited in claim 1 , further comprising: 
storing data transformed using the master key; 

receiving a user id and user password from one of the plurality of users; and 
accessing the transformed data using the received user id and user 
password. 
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15. (Previously Presented) A method as recited in claim 1, further 
comprising: 

storing data transformed using the master key; 

receiving a user id and user password from one of the plurality of users; 
selecting a user key from the data structure based on the received user id; 
decrypting the selected user key using the received password to reproduce 
the master key; and 

using the master key to access the data. 

16. (Cancelled) 

17. (Withdrawn) A method comprising: 

retrieving a user key associated with a first user of a plurality of users from 
a data structure comprising a plurality of user keys, each user key comprising a 
master key encrypted using a password associated with a unique one of the 
plurality of users; 

decrypting the retrieved user key using a password associated with the first 
user to produce a master key; and 

accessing data using the master key. 

18. (Withdrawn) A method as recited in claim 17, wherein the user key 
is retrieved using a user id associated with the first user. 
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19. (Withdrawn) A method as recited in claim 17, wherein the data 
structure comprises a plurality of user id-user key pairs, each user id-user key pair 
comprising a user id associated with one of a plurality of users and a user key 
associated with the one of the plurality of users. 

20. (Withdrawn) A method as recited in claim 17, wherein the data 
structure comprises a plurality of user id-user key pairs, each user id-user key pair 
comprising a user id associated with one of a plurality of users and a user key 
associated with the one of the plurality of users, and wherein the user key is 
retrieved using a user id associated with the first user. 

21. (Withdrawn) A method as recited in claim 17, wherein the act of 
decrypting the user key comprises decrypting the user key using a hash of the 
password associated with the first user. 

22. (Withdrawn) A method as recited in claim 17, wherein the act of 
decrypting the retrieved user key comprises: 

hashing the password associated with the first user to produce a hash value; 

and 

using the hash value as a decryption key to decrypt the user key. 

23. (Withdrawn) A method as recited in claim 17, wherein the act of 
decrypting the retrieved user key comprises: 
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hashing the password associated with the first user using a one-way hash 
function; and 

using the result of the one-way hash function as a decryption key to decrypt 
the user key. 

24. (Withdrawn) A method as recited in claim 17, wherein the act of 
decrypting the retrieved user key comprises: 

hashing the password associated with the first user using a cryptographic 
hash function; and 

using the result of the cryptographic hash function as a decryption key to 
decrypt the user key. 

25. (Withdrawn) A method as recited in claim 17, wherein each of the 
plurality of user keys includes a data verification feature. 

26. (Withdrawn) A method as recited in claim 17, wherein each of the 
plurality of master keys includes a data verification feature. 

27. (Withdrawn) A method as recited in claim 17, further comprising: 
verifying the integrity of the retrieved user key. 

28. (Withdrawn) A method as recited in claim 17, wherein the 
retrieved user key includes an integrity verification feature and wherein the 
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method further comprises verifying the integrity of the retrieved user key using the 
integrity verification feature. 

29. (Withdrawn) A method as recited in claim 17, wherein the 
retrieved user key includes a checksum and wherein the method further comprises 
verifying the integrity of the retrieved user key using the checksum. 

30. (Withdrawn) A method as recited in claim 17, wherein the 
retrieved user key includes a message authentication code and wherein the method 
further comprises verifying the integrity of the retrieved user key using the 
message authentication code. 

31. (Withdrawn) A method as recited in claim 17, wherein the 
retrieved user key includes a keyed-hash message authentication code and wherein 
the method further comprises verifying the integrity of the retrieved user key using 
the keyed-hash message authentication code. 

32. (Currently Amended) A computer readable medium having stored 
thereon a data structure computer executable instructions for performing acts 
comprising: 

a plurality of user id user key pairs, each user id user key pair comprising a 
user id associated with one of a plurality of users and a user key comprising a 
mast e r k e y and a k e y e d - hash m e ssag e auth e ntication cod e e ncrypt e d using a 
password associated with the one of the plurality of users. 
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accessing a user key associated with a user ID, wherein the accessing is 



from a user key data structure and is upon presentation of a user ID of a user, and 
wherein the user key data structure comprises a plurality of encryptions of a 
master key, and wherein each of the plurality of encryptions of the master key is 
associated with one of a plurality of users, respectively, and wherein each of the 
plurality of encryptions of the user master key was encrypted by operation of a 
reversible process using a hash value of a password of an associated user as a key 
in the reversible process; 

hashing, upon presentation of a password of the user, the presented 
password, to thereby produce a hash value; 

decrypting the user key using the hash value, thereby creating the master 

key; 

decrypting data using the master key. 
33-35. (Cancelled) 

36. (Original) A computer readable medium as recited in claim 32, 
wherein each user key includes an integrity verification feature. 

37. (Currently Amended) A computer readable medium as recited in 
claim 32, wherein each the master key includes an integrity verification feature. 

38. (Original) A computer readable medium as recited in claim 32, 
wherein each user key includes a checksum. 
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39. (Cancel) 

40. (Withdrawn) A system comprising: 

a hashing module operable to hash each of a plurality of user passwords to 
produce a plurality of hash values; 

an encryption module operable to create a plurality of user keys, each user 
key comprising a master key encrypted using one of the hash values as an 
encryption key; and 

a data structure creation module operable to associate each of the user keys 
with a user id in a data structure. 

41. (Withdrawn) A system as defined in claim 40, wherein the hashing 
module produces the hash values using a one-way hashing function. 

42. (Withdrawn) A system as defined in claim 40, wherein the hashing 
module produces the hash values using a cryptographic hashing function. 

43. (Withdrawn) A system as defined in claim 40, wherein the data 
structure creation module associates each user key with a user id in a user id-user 
key pair, and wherein each user id-user key pair is associated with a single user. 

44. (Withdrawn) A system as defined in claim 40, wherein the 
encryption module includes an integrity verification feature in each user key. 
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45. (Withdrawn) A system as defined in claim 40, wherein the 
encryption module includes a checksum in each user key. 

46. (Withdrawn) A system as defined in claim 40, wherein the 
encryption module includes a message authentication code in each user key. 

47. (Withdrawn) A system as defined in claim 40, wherein the 
encryption module includes a keyed-hash message authentication code in each 
user key. 

48. (Withdrawn) A system comprising: 

a user key data structure including plurality of user id-user key pairs, each 
user key pair including a user key and a user id associated with one of a plurality 
of users, each user key comprising an encrypted version of a common master key; 

a master key decryption module operable to select a user key from the user 
key data structure based on a user id received from one of the plurality of users 
and to decrypt the selected user key using a password received from the one of the 
plurality of users. 

49. (Withdrawn) A system as recited in claim 48, further comprising a 
data decryption module operable to decrypt data encrypted using the master key as 
an encryption key. 
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50. (Withdrawn) A system as recited in claims 48, further comprising 
an error handler module operable to indicate to the one of the plurality when an 
error occurs in decrypting the user key. 

51. (Withdrawn) A system as recited in claims 48, wherein the master 
key decryption module comprises: 

a hashing module operable to hash a password received from the one of the 
plurality of users to produce a hash value; and 

a user key decryption module operable to select a user key from the user 
key data structure based on a user id received from one of the plurality of users 
and to decrypt the selected user key using the hash value as a decryption key. 

52. (Withdrawn) A system as recited in claims 48, wherein the master 
key decryption module comprises: 

a hashing module operable to hash a password received from the one of the 
plurality of users using a one-way hashing function to produce a hash value; and 

a user key decryption module operable to select a user key from the user 
key data structure based on a user id received from one of the plurality of users 
and to decrypt the selected user key using the hash value as a decryption key. 

53. (Withdrawn) A system as recited in claim 48, wherein the master 
key decryption module comprises: 
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a hashing module operable to hash a password received from the one of the 
plurality of users using a cryptographic hashing function to produce a hash value; 
and 

a user key decryption module operable to select a user key from the user 
key data structure based on a user id received from one of the plurality of users 
and to decrypt the selected user key using the hash value as a decryption key. 

54. (Withdrawn) A system as recited in claims 48, wherein the master 
key decryption module comprises: 

a hashing module operable to hash a password received from the one of the 
plurality of users to produce a hash value; and 

a user key decryption and integrity module operable to select a user key 
from the user key data structure based on a user id received from one of the 
plurality of users, to confirm the integrity of the selected user id, and to decrypt 
the selected user key using the hash value as a decryption key. 

55. (Withdrawn) A system as recited in claims 48, wherein each user 
key in the user key data structure includes an integrity verification feature, and 
wherein the master key decryption module comprises: 

a hashing module operable to hash a password received from the one of the 
plurality of users to produce a hash value; and 

a user key decryption and integrity module operable to select a user key 
from the user key data structure based on a user id received from one of the 
plurality of users, to confirm the integrity of the selected user id using the integrity 
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verification feature included in the user key, and to decrypt the selected user key 
using the hash value as a decryption key. 

56. (Currently Amended) A system comprising: 

means for producing a plurality of user key s, wherein each user key is 
associated with each one of a plurality of users , respectively, and wherein each of 
the plurality of user keys is an encryption of a single master key, and wherein the 
encryption is by operation of a reversible process using a hash value of a different 
password associated with each user as a key in the reversible process; each user 
key comprising a master key and a keyed hash message authentication code 
e ncrypt e d using a password of th e on e of the plurality of us e rs associat e d with th e 
us e r k e y; and 

means for checking integrity of the plurality of user keys after each of the 
plurality of user keys is produced, wherein the integrity check comprises 
decrypting the user key for comparison to the master key; 

means for storing a plurality of user IDs, wherein each user ID is associated 
with one of a plurality of user keys within a user key data structure, and wherein 
the user key data structure is configured to provide a user key in response to input 
of a user ID; 

means for accessing, upon presentation of a user ID of a user, a user key 
associated with the user ID of the user, wherein the accessing is from the user key 
data structure; 

means for hashing, upon presentation of a password of the user, the 
presented password to produce a hash value; 
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means for decrypting the user key using the hash value, thereby creating the 
master key; 

means for preventing fraudulent access to data comprising: tracking 
attempts by a user to access data, and blocking attempts for a time period after a 
threshold number of failed attempts; reporting failed data access attempts to a 
system administrator according to user ID; increasing a time period a user must 
wait to attempt to access data after successive failed attempts to access the data; 
and, deleting a user ID and a user key after a threshold number of failed attempts 
to access data; and 

means for decrypting data using the master key. 

m e ans for associating e ach of the us e r k e ys with a us e r id of th e on e of th e 
plurality of us e rs associat e d with th e us e r k e y in a data structur e . 

57. (Currently Amended) A computer-readable medium having stored 
thereon computer executable instructions for performing acts of: 

creating a data structure including comprising a plurality of use r id user key 
pairs, e ach us e r id - us e r k e y pair comprising a us e r id associat e d with on e of a 
plurality of users and a user key comprising a master key and a keyed hash 
message authentication code encrypted using a password associated with the one 
of th e plurality of us e rs, keys paired with user IDs, wherein each user key is 
associated with one of a plurality of users, respectively, and wherein each of the 
plurality of user keys is an encryption of a single master key, encrypted by 
operation of a reversible process using a hash value of a password associated with 
user; 
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accessing, upon presentation of a user ID of a user, a user key associated 
with the user ID, from the data structure; 

hashing, upon presentation of a password of the user, the presented 
password to produce a hash value; 

decrypting the user key using the hash value, thereby creating the master 

key; 

decrypting data using the master key. 

58. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 

delivering the data structure to one or more of the plurality of users. 

59-62. (Cancelled). 

63. (Original) A computer-readable medium as recited in claim 57, 
wherein each user key has an integrity verification feature associated therewith. 

64 (Original) A computer-readable medium as recited in claim 57, 
wherein each user key includes a checksum. 

65. (Original) A computer-readable medium as recited in claim 57, 
wherein each user key includes a keyed-hash message authentication code. 
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66. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 

transforming data using the master key. 

67. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 

storing data transformed using the master key; and 

controlling access by the plurality of users to the transformed data. 

68. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 

storing data transformed using the master key; 

receiving a user id and user password from one of the plurality of users; and 
controlling access to the transformed data by the one of the plurality of 
users based on the received user id and user password. 

69. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 

storing data encrypted using the master key; 

receiving a user id and user password from one of the plurality of users; and 
accessing the transformed data using the received user id and user 
password. 
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70. (Previously Presented) A computer-readable medium as recited in 
claim 57 having further computer executable instructions for performing acts of: 

storing data encrypted using the master key; 

receiving a user id and user password from one of the plurality of users; 
selecting a user key from the data structure based on the received user id; 
decrypting the selected user key using the received password to reproduce 
the master key; and 

using the master key to decrypt the data. 

71. (Previously Presented) A computer-readable medium as recited in 
claim 57 having further computer executable instructions for performing acts of: 

storing data watermarked using the master key; 

receiving a user id and user password from one of the plurality of users; and 
selecting a user key from the data structure based on the received user id; 
hashing the received password to produce a hash value; 
decrypting the selected user key using the hash value to reproduce the 
master key; and 

using the master key to access the watermarked data. 

72. (Withdrawn) A computer-readable medium having stored thereon 
computer executable instructions for performing acts of: 

retrieving a user key associated with a first user of a plurality of users from 
a data structure comprising a plurality of user keys, each user key comprising a 
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master key encrypted using a password associated with a unique one of the 
plurality of users; 

decrypting the retrieved user key using a password associated with the first 
user to produce a master key; and 

accessing data using the master key. 

73. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the user key is retrieved using a user id associated with the first user. 

74. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the data structure comprises a plurality of user id-user key pairs, each user 
id-user key pair comprising a user id associated with one of a plurality of users 
and a user key associated with the one of the plurality of users. 

75. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the data structure comprises a plurality of user id-user key pairs, each user 
id-user key pair comprising a user id associated with one of a plurality of users 
and a user key associated with the one of the plurality of users, and wherein the 
user key is retrieved using a user id associated with the first user. 

76. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the act of decrypting the user key comprises decrypting the user key using 
a hash of the password associated with the first user. 
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77. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the act of decrypting the retrieved user key comprises: 

hashing the password associated with the first user to produce a hash value; 

and 

using the hash value as a decryption key to decrypt the user key. 

78. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the act of decrypting the retrieved user key comprises: 

hashing the password associated with the first user using a one-way hash 
function; and 

using the result of the one-way hash function as a decryption key to decrypt 
the user key. 

79. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the act of decrypting the retrieved user key comprises: 

hashing the password associated with the first user using a cryptographic 
hash function; and 

using the result of the cryptographic hash function as a decryption key to 
decrypt the user key. 

80. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein each of the plurality of user key includes a data verification feature. 



20 



1 

2 
3 
4 
5 
6 
7 
X 
9 
10 

12 
13 
14 
15 
16 
17 
IX 
19 
20 
21 
22 
23 
24 
25 



S/N 10/700,786 



Response to Office Action Dated 04/09/2008 



81. (Withdrawn) A computer-readable medium as recited in claim 72 
having further computer executable instructions for performing acts of: 

verifying the integrity of the retrieved user key. 

82. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the retrieved user key includes an integrity verification feature and 
wherein the method further comprises verifying the integrity of the retrieved user 
key using the integrity verification feature. 

83. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the retrieved user key includes a checksum and wherein the method 
further comprises verifying the integrity of the retrieved user key using the 
checksum. 

84. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the retrieved user key includes a message authentication code and 
wherein the method further comprises verifying the integrity of the retrieved user 
key using the message authentication code. 

85. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the retrieved user key includes a keyed-hash message authentication code 
and wherein the method further comprises verifying the integrity of the retrieved 
user key using the keyed-hash message authentication code. 
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